[Git][security-tracker-team/security-tracker][master] CVE-2023-28366,mosquitto: Link to regression fixes
Markus Koschany (@apo)
apo at debian.org
Sat Sep 30 19:40:52 BST 2023
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0ff94e9b by Markus Koschany at 2023-09-30T20:39:00+02:00
CVE-2023-28366,mosquitto: Link to regression fixes
Those commits have to be applied as well. The regression was detected by the
06-bridge-b2br-disconnect-qos1.py broker test.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27630,6 +27630,8 @@ CVE-2023-28366 (The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16
- mosquitto 2.0.17-1
NOTE: https://mosquitto.org/blog/2023/08/version-2-0-16-released/
NOTE: https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9 (v2.0.16)
+ NOTE: Regression fix: https://github.com/eclipse/mosquitto/commit/bfb373d774d8530e8d6620776304a3e0b0201793
+ NOTE: Regression fix: https://github.com/eclipse/mosquitto/commit/28d96d8ebca9f6bdb7f272f1095760953e62d828
CVE-2023-28365 (A backup file vulnerability found in UniFi applications (Version 7.3.8 ...)
NOT-FOR-US: UniFi
CVE-2023-28364 (An Open Redirect vulnerability exists prior to version 1.52.117, where ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff94e9b1d4670964f7c72158cee7f1885c2b817
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ff94e9b1d4670964f7c72158cee7f1885c2b817
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230930/020fdc87/attachment.htm>
More information about the debian-security-tracker-commits
mailing list